Video Screencast Help
Encryption Blog
Showing posts tagged with Symantec Endpoint Encryption - Device Control
Showing posts in English
Doug McLean | 12 Aug 2008 | 0 comments

Decryption Without Key Present

The PGPsdk has a feature that allows the Encrypted Session Key (ESK) from a message to be extracted and decrypted separately. The decrypted ESK could then be used later to decrypt the original message. It works as follows:

1) Assuming the client has a PGP encrypted message.  The PGPDecode() function could be called with a event handler that extracts the ESK(s) which are presented to the handler during a  kPGPEvent_PassphraseEvent.

typedef struct
{
   PGPByte   *sessionKey;
   PGPSize   sessionKeySize;
} SessionKeyInfo;

 

static PGPError sExtractESKHandler( PGPContextRef context,
                                   ...
Doug McLean | 25 Jul 2008 | 0 comments

While products such as PGP Universal and PGP Desktop have done a successful job of protecting email and storage, securing the data presented in web application have largely been unaddressed.  Users of web mail (Gmail), forums, blogs and group calendering (google calender) currently have no reasonable way to insure the privacy of their information, in that it often resides on the web server. This pair of blogs discusses the various options for using PGP technology to extend the web client with the goal of securing web data with and without the consent of the web site operator.

Securing Web Data...An Undiscovered Country

Web applications are especially popular among mobile computer users. This is partially due to the computing and power limitation of the mobile devices, but also because of the complexity of security and synchronization issues.  While MAPI/Notes and IMAP are often used for corporate mail, web mail has also become very popular....

Doug McLean | 03 Sep 2004 | 1 comment

Abstract

Access to computer services has conventionally been managed by means of secret passwords and centralized authentication databases. This method dates back to early timeshare systems. Now that applications have shifted to the Internet, it has become clear that the use of passwords is not scalable or secure enough for this medium. As an alternative, this paper discusses ways to implement federated identity management using strong cryptography and the same PGP® key infrastructure that is widely deployed on the Internet today.

Beyond Passwords

The inherent security weakness and management complexities of password-based authentication and centralized authorization databases make such systems inadequate for the real-world requirements of today's public networks. However, by applying the same proven cryptographic technology used today for securing email, we can construct a robust authentication system with the...